Victoria A. Johnson

Luckily this was detected and responded to and appears to have had minimal impact. I’m curious as to what triggered the investigation. Usually, an investigation will occur because the card associations (e.g. Visa, MasterCard) identify a fraud trend at specific merchant. Sometimes, however security controls detect anomalies on the network and trigger an investigation.

Those who live in a glass house shouldn’t throw stones. You would have thought his IT team would be on point when it comes to IT security after watching what happened to Hillary. In many cases IT is always an afterthought until something goes wrong and this is a perfect example of something waiting to go wrong.

If this happens to be true, it looks like he needs to protect his business I.T. infrastructure before learning how to protect The U.S.’. Also, how come auditors failed to find such critical vulnerabilities, since he claimed of being audited on a yearly basis? The power of the “Reconnaissance” step.

hello Jimmy/class- in a radio show on my way to work i head the reported touching about this incident and how the version of Microsoft server has not been patched in over a year. at his conclusion and I think it was brilliant he mention “Mr. Trump, instead of worrying about the Mexican wall, you should worry about your firewall.”

Jimmy, great article. I’m an iPhone user and have been for many years. I do like the iPhone, but the first thing I do when and update comes out is…..wait 3 weeks before I deploy it! Seems like Apple never gets it right the first time. It’s so very scary when we think about how much of our lives are tied to our phones. Banking, emails, passwords. It’s all up for grabs! It’s a wonder we can ever put our heads down and night and rest comfortably.

Scott

Scott,

I need to follow that line of thinking. Give them some time to work out the kinks of the latest IOS and send the latest security patches.

I’m glad this vulnerability was discovered. While I don’t typically backup my iPhone to iTunes, there have been times I’ve done this either as a precaution or because my iCloud account was full. We typically don’t think to delete these backup files, so there was a risk that data backed up during this period could be stored indefinitely without a user knowing it was vulnerable.

I wonder if Apple can identify users that have backed up their data to iTunes when they were on this version and notify them to securely delete their backups.

Jimmy, this is an interesting article. I never usually update to the latest iOS because of all the bugs that the new iOS initially has. This time, I was forced to have iOS 10 because I purchased a new iPhone 7, which came pre-loaded with the software. Typically, I do not use iTunes to back-up my device. I generally use iCloud, and pay $.99 a month for 50GB of storage. It is interesting that Apple would leave this security flaw in its encrypted backups to allow for a brute force attack. I am sure they patched the problem quickly, as they generally do when a major security flaw is discovered.

Nice work. Same comment as for others. I would lighten up on the personal info. Just mention that you identified personal info.

This is just the tip of the Ice berg so to speak. As IoT (Internet of Things) expands we are likely to see this story repeated often, Many IoT devices sit on the internet and have severe vulnerabilities. We are already seeing them leveraged for DDoS attacks.

Wade